Many leaders have heard the terms "DevOps" or "DevSecOps", but may not be sure how to get there from a traditional development and operations culture. In this session we'll explore approaches to move from a siloed environment, possibly using waterfall processes and monolithic architectures to a collaborative agile environment with modern software architectures.
Security at the Speed of Software DevelopmentDevOps.com
There are a lot of DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve.
What's needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach that reinforces the DevOps culture and process changes. This requires that security specialists become self-service toolsmiths and coaches and stop thinking of their jobs as gatekeepers.
This webinar will introduce a framework to accomplish this mindset shift. It includes guidance on the characteristics of tools compatible with DevOps. It has been successfully used in a large DevSecOps transformation at Comcast and has gained recognition in DevSecOps circles as a leading framework.
40 DevSecOps Reference Architectures for you. See what tools your peers are using to scale DevSecOps and how enterprises are automating security into their DevOps pipeline. Learn what DevSecOps tools and integrations others are deploying in 2019 and where your choices stack up as you consider shifting security left.
Kevin Huang: AWS San Francisco Startup Day, 9/7/17
Architecture: When, how, and if to adopt microservices - Microservices are not for everyone! If you're a small shop, a monolith provides a great amount of value and reduces the complexities involved. However as your company grows, this monolith becomes more difficult to maintain. We’ll look at how microservices allow you to easily deploy and debug atomic pieces of infrastructure which allows for increased velocity in reliable, tested, and consistent deploys. We’ll look into key metrics you can use to identify the right time to begin the transition from monolith to microservices.
Are you looking to build Cloud-based application using DevOps methodlogy but worried that the traditional security methods may not adapt to the modern development techniques? Azure Secure DevOps Kit
DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
Security at the Speed of Software DevelopmentDevOps.com
There are a lot of DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve.
What's needed to add security to DevOps are tools that work well with rapid-cycle CI/CD pipelines and an approach that reinforces the DevOps culture and process changes. This requires that security specialists become self-service toolsmiths and coaches and stop thinking of their jobs as gatekeepers.
This webinar will introduce a framework to accomplish this mindset shift. It includes guidance on the characteristics of tools compatible with DevOps. It has been successfully used in a large DevSecOps transformation at Comcast and has gained recognition in DevSecOps circles as a leading framework.
40 DevSecOps Reference Architectures for you. See what tools your peers are using to scale DevSecOps and how enterprises are automating security into their DevOps pipeline. Learn what DevSecOps tools and integrations others are deploying in 2019 and where your choices stack up as you consider shifting security left.
Kevin Huang: AWS San Francisco Startup Day, 9/7/17
Architecture: When, how, and if to adopt microservices - Microservices are not for everyone! If you're a small shop, a monolith provides a great amount of value and reduces the complexities involved. However as your company grows, this monolith becomes more difficult to maintain. We’ll look at how microservices allow you to easily deploy and debug atomic pieces of infrastructure which allows for increased velocity in reliable, tested, and consistent deploys. We’ll look into key metrics you can use to identify the right time to begin the transition from monolith to microservices.
Are you looking to build Cloud-based application using DevOps methodlogy but worried that the traditional security methods may not adapt to the modern development techniques? Azure Secure DevOps Kit
DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
Security teams are often seen as roadblocks to rapid development or operations implementations, slowing down production code pushes. As a result, security organizations will likely have to change so they can fully support and facilitate cloud operations.
This presentation will explain how DevOps and information security can co-exist through the application of a new approach referred to as DevSecOps.
Why DevOps?
DevOps principles
DevOps concepts
DevOps practices
DevOps people
DevOps controls
DevOps training and further reading
Where do you start with DevOps?
In this session, we’ll discuss the benefits of moving from monolithic to micro-services application architectures, and examine where micro-services can be used. We’ll share common transition strategies and relate them to the specifics of e-commerce and retail workloads, using customer examples. You’ll learn how to build micro-services using AWS services, and get a better understanding of the role of data storage, API endpoints and service discovery. Plus, you can learn from the real-life experience of Digital Goodie, an online retailing platform for connected commerce.
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
Apigee and Amazon Web Services join together in this webcast to discuss using Apigee's API management for AWS-powered backends. API management makes it easy to expose and consume APIs from services built on AWS. Whether your backend runs on EC2, DynamoDB, or AWS Lambda, we'll show you the best way to build AWeSome APIs.
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
The Cloud Journey Workshop is an experiential session that works through a representative use case of a company's cloud adoption journey. In this session, participants divide into teams, and each team makes practical recommendations for how to plan and execute their journey to the cloud so they can meet business expectations. By participating, you learn best practices on organization transformation, cloud foundations establishment, migration methodology, and application landscape optimization from AWS facilitators. You also have the opportunity to share tips with other AWS customers to make your cloud journey successful.
by Jeet Shangari, Sr. Technical Account Manager, AWS
Software release cycles are now measured in days instead of months. Cutting edge companies are continuously delivering high-quality software at a fast pace. In this session, we will cover how you can begin your DevOps journey by sharing best practices and tools used by the engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous Integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, AWS Cloud9, and AWS X-Ray the services inspired by Amazon's internal developer tools and DevOps practice. Level 200
Why a Multi-cloud Strategy is EssentialAlibaba Cloud
See webinar recording of this presentation at: https://resource.alibabacloud.com/webinar/live.htm?&webinarId=62
When first discussing a multi-cloud strategy, we must start with its importance, its reasoning (why you need it) and what formats can be adopted. Only then can we dive deeper into the different ways a customer could distribute their infrastructure across multiple clouds as well as the business and technical considerations that should be kept in mind while adopting any of these models. Finally, we will touch upon why Alibaba Cloud fits well in your Multi-cloud strategy.
Security in CI/CD Pipelines: Tips for DevOps EngineersDevOps.com
While DevOps is becoming a new norm for most of the companies, security is typically still behind. The new architectures create a number of new process considerations and technical issues. In this practical talk, we will present an overview of the practical issues that go into making security a part of DevOps processes. Will cover incorporating security into existing CI/CD pipelines and tools DevOps professionals need to know to implement the automation and adhere to secure coding practices.
Join Stepan Ilyin, Chief Product Officer at Wallarm for an engaging conversation where you’ll learn:
Methodologies and tooling for dynamic and static security testing
Composite and OSS license analysis benefits
Secrets and analysis and secrets management approaches in distributed applications
Security automation and integration in CI/CD
Apps, APIs and workloads protection in cloud-native K8s enabled environments
Analyze key aspects to be considered before embarking on your cloud journey. The presentation outlines the strategies, approach, and choices that need to be made, to ensure a smooth transition to the cloud.
DevOps on AWS: Accelerating Software Delivery with AWS Developer Tools | AWS ...Amazon Web Services
Software release cycles are now measured in days instead of months. Cutting-edge companies are continuously delivering high-quality software at a fast pace. In this session, you will learn how to begin your DevOps journey through best practices and tools used by the "two pizza" engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy - the services inspired by Amazon's internal developer tools and DevOps practice. Learn More: https://aws.amazon.com/government-education/
Delivering DevOps on AWS: Accelerating Software Delivery with AWS Developer T...Amazon Web Services
Software release cycles are now measured in days, rather than months. Cutting-edge companies continually deliver high-quality software at a fast pace to remain competitive. In this session, we cover how you can begin your DevOps journey by sharing best practices and tools used by Amazon’s two pizza engineering teams. We’ll showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. We’ll also provide an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy – the services inspired by Amazon's internal developer tools and DevOps practice.
Security teams are often seen as roadblocks to rapid development or operations implementations, slowing down production code pushes. As a result, security organizations will likely have to change so they can fully support and facilitate cloud operations.
This presentation will explain how DevOps and information security can co-exist through the application of a new approach referred to as DevSecOps.
Why DevOps?
DevOps principles
DevOps concepts
DevOps practices
DevOps people
DevOps controls
DevOps training and further reading
Where do you start with DevOps?
In this session, we’ll discuss the benefits of moving from monolithic to micro-services application architectures, and examine where micro-services can be used. We’ll share common transition strategies and relate them to the specifics of e-commerce and retail workloads, using customer examples. You’ll learn how to build micro-services using AWS services, and get a better understanding of the role of data storage, API endpoints and service discovery. Plus, you can learn from the real-life experience of Digital Goodie, an online retailing platform for connected commerce.
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
Apigee and Amazon Web Services join together in this webcast to discuss using Apigee's API management for AWS-powered backends. API management makes it easy to expose and consume APIs from services built on AWS. Whether your backend runs on EC2, DynamoDB, or AWS Lambda, we'll show you the best way to build AWeSome APIs.
Creating an Effective Roadmap for Your Cloud Journey (ENT225-R1) - AWS re:Inv...Amazon Web Services
The Cloud Journey Workshop is an experiential session that works through a representative use case of a company's cloud adoption journey. In this session, participants divide into teams, and each team makes practical recommendations for how to plan and execute their journey to the cloud so they can meet business expectations. By participating, you learn best practices on organization transformation, cloud foundations establishment, migration methodology, and application landscape optimization from AWS facilitators. You also have the opportunity to share tips with other AWS customers to make your cloud journey successful.
by Jeet Shangari, Sr. Technical Account Manager, AWS
Software release cycles are now measured in days instead of months. Cutting edge companies are continuously delivering high-quality software at a fast pace. In this session, we will cover how you can begin your DevOps journey by sharing best practices and tools used by the engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous Integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, AWS Cloud9, and AWS X-Ray the services inspired by Amazon's internal developer tools and DevOps practice. Level 200
Why a Multi-cloud Strategy is EssentialAlibaba Cloud
See webinar recording of this presentation at: https://resource.alibabacloud.com/webinar/live.htm?&webinarId=62
When first discussing a multi-cloud strategy, we must start with its importance, its reasoning (why you need it) and what formats can be adopted. Only then can we dive deeper into the different ways a customer could distribute their infrastructure across multiple clouds as well as the business and technical considerations that should be kept in mind while adopting any of these models. Finally, we will touch upon why Alibaba Cloud fits well in your Multi-cloud strategy.
Security in CI/CD Pipelines: Tips for DevOps EngineersDevOps.com
While DevOps is becoming a new norm for most of the companies, security is typically still behind. The new architectures create a number of new process considerations and technical issues. In this practical talk, we will present an overview of the practical issues that go into making security a part of DevOps processes. Will cover incorporating security into existing CI/CD pipelines and tools DevOps professionals need to know to implement the automation and adhere to secure coding practices.
Join Stepan Ilyin, Chief Product Officer at Wallarm for an engaging conversation where you’ll learn:
Methodologies and tooling for dynamic and static security testing
Composite and OSS license analysis benefits
Secrets and analysis and secrets management approaches in distributed applications
Security automation and integration in CI/CD
Apps, APIs and workloads protection in cloud-native K8s enabled environments
Analyze key aspects to be considered before embarking on your cloud journey. The presentation outlines the strategies, approach, and choices that need to be made, to ensure a smooth transition to the cloud.
DevOps on AWS: Accelerating Software Delivery with AWS Developer Tools | AWS ...Amazon Web Services
Software release cycles are now measured in days instead of months. Cutting-edge companies are continuously delivering high-quality software at a fast pace. In this session, you will learn how to begin your DevOps journey through best practices and tools used by the "two pizza" engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy - the services inspired by Amazon's internal developer tools and DevOps practice. Learn More: https://aws.amazon.com/government-education/
Delivering DevOps on AWS: Accelerating Software Delivery with AWS Developer T...Amazon Web Services
Software release cycles are now measured in days, rather than months. Cutting-edge companies continually deliver high-quality software at a fast pace to remain competitive. In this session, we cover how you can begin your DevOps journey by sharing best practices and tools used by Amazon’s two pizza engineering teams. We’ll showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. We’ll also provide an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy – the services inspired by Amazon's internal developer tools and DevOps practice.
DevOps as a Pathway to AWS | AWS Public Sector Summit 2016Amazon Web Services
The concept of DevOps is a powerful one for federal agencies, promising to provide the responsiveness and speed needed to keep pace with rapidly changing mission requirements. In terms of cloud adoption, DevOps accelerates the development of new, cloud-native applications while building the operational capabilities needed to manage more dynamic environments. During this session, we will review specific options for implementing DevOps using Amazon Web Services (AWS), including development of new Platform-as-a-Service capabilities and rapid migration of enterprise systems.
AWS re:Invent 2016: DevOps on AWS: Accelerating Software Delivery with the AW...Amazon Web Services
Today’s cutting edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes followed by Amazon engineers and discuss how you can bring them to your company by using AWS CodePipeline and AWS CodeDeploy, services inspired by Amazon's internal developer tools and DevOps culture.
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017Amazon Web Services
Learn how to take your organization from manually tweaking and deploying servers and applications to automating the process, all the way from infrastructure to application code. In this session, we discuss how to structure teams to use DevOps, Service-Oriented Architecture, and Microservices. We evaluate the skill sets that are required for this and ways to attain or train employees to be sure that they have these skill sets. Customers who have gone through a transition to DevOps will discuss what the journey was like and lessons learned along the way. https://aws.amazon.com/government-education/
AWS re:Invent 2016: DevOps on AWS: Advanced Continuous Delivery Techniques (D...Amazon Web Services
Continuous delivery makes teams more agile and quickens the pace of innovation. Too often, though, teams adopt continuous delivery without putting the right safety mechanisms in place. In this talk, we'll transform a simple but typical software release process into one that is safe. We'll use DevOps techniques like continuous integration, a variety of non-production testing stages, rollbacks, machine redundancy, Availability Zone redundancy, canary deployments, canary tests, and dashboards. We'll use AWS Lambda, AWS CloudFormation, AWS CodePipeline, AWS CodeDeploy, Amazon CloudWatch alarms and dashboards, and AWS Elastic Beanstalk.
AWS re:Invent 2016: Automated DevOps and Continuous Delivery (DEV211)Amazon Web Services
In the digital economy, the fast development and deployment of applications is critical to success. To thrive in this application-oriented business environment, IT organizations are acting now to change their tools and processes to better support agile development methodologies. This session will cover performance benchmarking, benefits of migrating existing workloads, use of key services like Amazon RDS and AWS CloudHSM, and demonstrate how to deploy applications securely and at scale. Session sponsored by Cisco.
AWS re:Invent 2016: Taking DevOps to the AWS Edge (CTD302)Amazon Web Services
In this session, we dive deep into how you can integrate Amazon CloudFront and related services into your application, be agile in developing and adapting the application, and follow best practices when configuring the services to improve security and performance, all while reducing costs. Attend this session and learn how to avoid needless forwarding of headers and cookies, test your application when making changes to the origin, version your configuration changes, monitor usage and automate security, create templates for new distributions, configure SSL/TLS certificates, and more.
AWS re:Invent 2016: How I learned to embrace DevOps and Configure Infrastruct...Amazon Web Services
In this session, you will learn how you can use EC2 management capabilities to perform repeatable automation of your infrastructure at scale, across platforms and hybrid environments. As you embark on your cloud journey and embrace a modern DevOps mindset, you not only want to deploy software quickly but also ensure configuration consistency at cloud scale. Many enterprises have successfully used services such as EC2 Run Command to perform administrative tasks, and we'll share some of those stories. In addition, we will demo new capabilities to ensure a desired state approach to software configuration either through predefined or easy to build custom configurations, and also how you can integrate with other AWS services to deliver enterprise IT and business value.
Getting Started With Continuous Delivery on AWS - AWS April 2016 Webinar SeriesAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying code changes. This automation helps you catch bugs sooner and increases developer productivity.
In this webinar, we’ll share the processes that Amazon engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
Learning Objectives:
• Learn what is continuous delivery, its benefits, and how to implement it
• Learn how to increase the frequency and reliability of your application updates
• Learn to create an automated software release workflow on AWS
• Understand the basics of AWS CodePipeline and AWS CodeDeploy
AWS re:Invent 2016: Building the Future of DevOps with Amazon Web Services (D...Amazon Web Services
At Dynatrace, we challenged ourselves to build a virtual team member to help operations teams run large-scale cloud infrastructures. Think J.A.R.V.I.S. from Iron Man, but for operations. We built our cloud infrastructure on Amazon EC2, Elastic Load Balancing load balancers, and Auto Scaling groups for real-time scalability, Amazon Route 53 for instant customer access, Amazon Echo and Alexa for voice interaction, AWS Lambda for fast prototyping of the human-interaction layer, and Amazon DynamoDB for handling complex conversations. In this session, we will also discuss how we extend the service by using Amazon Machine Learning and AWS IoT to more naturally integrate our virtual assistant into the real world. Session sponsored by Dynatrace. This session sponsored by Dynatrace.
AWS Competency Partner
As software teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to AWS CodeCommit, AWS CodePipeline, and AWS CodeDeploy, three new services born out of Amazon's internal DevOps.
AWS Cloud Center Excellence Quick Start Prescriptive GuidanceTom Laszewski
This presentation is a practical playbook for defining, establishing, and implementing a Cloud Enablement Engine (CEE). It collates and summarizes the lessons learned and anti-patterns gathered from the CEE journeys successfully navigated at Amazon and other large enterprise companies. A lot has been written about the need to establish a CEE, the benefits of moving to a productization mindset, and the business value of tribes, guilds, and two-pizza teams. However, larger organizations are still struggling with a CEE 30-60-90 day plan, and the essential components of the CEE during its first six months in existence.
The prescriptive guidance in this presentation provides pragmatic and tactical advice for establishing a Cloud Enablement Engine (CEE) – also referred to as a Cloud Center of Excellence (CCoE) or Cloud Enablement Team. This presentation serves as a step-by-step guide for the initial setup activities, and the top ten best practices that have been extrapolated from working across a large number of customers. What not to do is as important as what to do. Therefore, the top ten anti-patterns are discussed.
A key focus of the CEE is transforming the IT organization from an on-premise operating model to a Cloud Operating Model (COM). The transformation to COM and the charter of a CEE are highly correlated and interconnected. During the nascent stage of the CEE, the focus of the CEE will be on the infrastructure components of a COM. This includes the operations, security & control, platform architecture & governance, and infrastructure provisioning & configuration management functions. AWS understands that enterprise (on-premises) operating models are based on ITIL. Therefore, the cloud transformation from an on-premises operating model to a COM will include mapping ITIL to a cloud, agile, and DevOps based capabilities and processes. Fortunately, ITIL 4.0 embraces DevOps, cloud, and agile.
As organizations begin their journey to the cloud, they often ask us what changes they need to make in their organizations in order to sustainably adopt cloud services. This webinar will educate attendees on charting their own cloud adoption journey by leveraging the AWS Cloud Adoption Framework (CAF) to sequence the transformational activities. We will go through the 7 key perspectives of the CAF that will shape your people, process, and technology strategy, and how they guide you through the 8-step journey into the cloud through the process of IT Transformation.
Learn how REAN Cloud helped AWS customer Ellucian develop a DevOps framework to transform their software delivery process for over 80 product lines. Attendees will gain an understanding of a real-world continuous integration/continuous delivery framework that leverages Packer, Jenkins, Vagrant, and Terraform, along with other best practices. REAN Cloud can implement a continuous integration and delivery pipeline on AWS and instill a DevOps culture for your dev teams. REAN provides a combination of DevOps and AWS expertise while also delivering managed services through CloudOps & SecOps. Join us to learn about: • Select new AWS features. • Benefits of automation. • Automating configuration, auto-scaling and deployments. Who should attend: CTOs, CIOs, Information Architects, Cloud Owner, Enterprise Architects, DevOps Managers, Senior Technical Managers in Engineering and Operations
How MediaMath Turbo-charged DevOps with AWS and CloudCheckrAmazon Web Services
DevOps is more than just an industry buzzword; it is a philosophy that forward-looking enterprises are deploying to move faster while staying safe. In 2007, MediaMath created the first software for real-time media buying for the digital marketing age. MediaMath’s technology analyzes more volume every day than the top 10 stock exchanges in the world combined, which amounts to ~200 billion customer opportunities daily. To accelerate these changes, MediaMath partnered with AWS and CloudCheckr to turbo-charge their DevOps initiatives. Leveraging CloudCheckr’s unified cost and security management platform, MediaMath realized $2 million in cost savings in one year, allowing them to become the leading independent programmatic company for marketers. CloudCheckr is a SaaS solution that provides data center quality continuous monitoring, security, and control for the infrastructure layer of public cloud users.
Contino aws summit - enterprise dev ops presentation - final bsBen Saunders
Ben Saunders - Client Principal at Contino, shares his insights on leveraging DevOps to avoid a Shakespearean tragedy when treating the cloud like a traditional data centre.
As cloud services deployment matures in the enterprise, the emphasis has moved from deploying infrastructure as a service towards a model of delivering business services in a “SaaS-like” manner. How can organizations succeed in building hybrid technology models which effectively leverage AWS to deliver business services transparently to customers? In this presentation, we will discuss how use AWS and CSC to develop business services starting with hybrid IT, moving toward robust test and development strategies for enterprise applications, and finally providing a true “SaaS-like” experience for business users and customers alike.
Craig Stires, Head of Big Data and Analytics, Amazon Web Services, APAC
Dan Angelucci, Chief Technology Officer - Asia, Middle East and Africa, CSC
Agility is the number one goal for FS customers moving to AWS, but why is agility important and how can AWS help you achieve agility with control. In this presentation we will tell you why FS customer choose AWS and how they achieve agility with the control that is required working in a regulated environment.
The People Model and Cloud Transformation | AWS Public Sector Summit 2016Amazon Web Services
A successful cloud transformation journey incorporates the three pillars of transformation: people, process, and technology. While leveraging the technology, the people component drives transformations. But far too often, cloud transformation efforts concentrate on the process improvement strategies and technology implementation, while essentially ignoring the human aspect of the change initiative and the opportunity to develop a more agile, DevOps culture. Many leaders who look back on previous change initiatives reflect that process and technology were simple to change compared to the people part of the organization. A central perspective within the AWS Cloud Adoption Framework, the "people perspective," guides organizations about aspects that affect people to reduce the risk and accelerate the value realization from cloud adoption. This session covers best-practice methods that enable customers to address challenges in setting up the right organizational structure to manage cloud operations, roles and job responsibilities during transition and post-cloud adoption, assessing gaps in skills and competencies required, building effective training models, and shaping a DevOps culture.
Best DevOps With AWS Online & Classroom training Naresh-ITmanoharjgpsolutions
✍️Enroll Now: https://bit.ly/3Uo3hKQ
👉Attend a Free Demo On 𝗗𝗲𝘃𝗢𝗽𝘀 𝗪𝗶𝘁𝗵 𝗔𝗪𝗦 𝗯𝘆 𝗠𝗿. 𝗩𝗲𝗲𝗿𝗮 𝗕𝗮𝗯𝘂.
📅Demo on: 2nd May @ 7:30 AM (IST).
For More Details:
🌐Visit: https://nareshit.com/new-batches/
Call: +91-9000994007, 9000994008,
9121104164 | support@nareshit.com
(ISM315) How to Quantify TCO & Increase Business Value Gains Using AWSAmazon Web Services
"Do you need to develop a business case for moving to cloud or communicate business value of your investment in AWS? This session introduces you to methods and tools to help you calculate total cost of ownership (TCO) and evaluate your business value gains from AWS.
In this session, you learn how to measure TCO and business value, and communicate a business case to organizations such as finance and procurement. You compare the costs of running your own IT infrastructure on-premises vs. on AWS and quantify intangible benefits. You also learn about resources available from AWS to help you engage in business value conversations with your organization’s leaders and what contact is available to you for further evaluation. "
AWS re:Invent 2016: Start Your Cost Optimization Program: Learning from Intui...Amazon Web Services
How do you optimize costs when migrating user-facing services from a proprietary data center to the Cloud? When Intuit faced this thorny question, they formed a cost-optimization team, built visibility into cost and usage data, decided when to use automation, and developed a culture of cost consciousness. Who do you select for this cross-functional team? How do you empower the team to reach across business units? Which metrics should you focus on first? How do you align your organization with this cause? Which roadblocks and issues could you face along the way? How will you create an internal chargeback model? Hear from the Intuit team about their journey, learn from the challenges that they overcame, and hear about the results they've achieved.
AWS re:Invent 2016: Lift and Evolve – Saving Money in the Cloud is Easy, Maki...Amazon Web Services
Every enterprise knows by now that it can save money by simply lifting and shifting workloads to the cloud, but many are missing the larger opportunity to also make money by moving. While quick costs savings are good for the bottom line, they do little to move the top line numbers. To achieve both savings and earnings, corporate thinking about technologies must change in order to enable faster processes leveraged enterprise-wide. In this session we will explore multiple customer success stories where the customers have evolved from leveraging basic compute and storage products (EC2 and S3) to integrating new services into operations by leveraging Lambda, DynamoDB, CodeDeploy, etc. Once this is achieved, enterprises are enabled to manage and deploy code rapidly in a programmatic and elastic secure network, ensuring governance and security standards across the globe. We will look at the migration process trusted by hundreds of clients as well as how to cope with the process and people components that are so important to enable agility, while focusing heavily on the technology. The Coca-Cola Company (TCCC) and 2nd Watch story will dive deep into the technology that allows TCCC to manage hundreds of AWS Accounts, hundreds of workloads, thousands of instances, and hundreds of business partners around the globe. TCCC’s Configuration Management System has Puppet at the core and relies on over a dozen core and emerging AWS products across accounts, availability zones and regions. This complex and globally-available system ensures all of TCCC’s workloads in AWS meet corporate policies but also allows for rapid scale of both consumer and enterprise workloads. Session sponsored by 2nd Watch.
AWS Competency Partner
Using Lean Thinking to identify and address Delivery Pipeline bottlenecksSanjeev Sharma
Using Lean Thinking to identify and address Delivery Pipeline bottlenecks: This session explores 'Lean Thinking' techniques to help identify 'bottlenecks' in your delivery pipeline that can be addressed by adopting DevOps
(ENT207) Creating a Culture of Cost Management in Your Organization | AWS re:...Amazon Web Services
As your organization increases its AWS usage, budget owners and users demand new levels of cost visibility.
This session explains how scaled organizations control and optimize their AWS spending as usage increases across multiple product teams. Attendees walk away with a strategy for driving cost effective behavior across the entire organization, from engineering to finance. Sponsored by Cloudability.
Topics include:
- Maintaining cost oversight while giving autonomy to individual teams
- Allocating costs across dozens or hundreds of accounts or applications
- Creating accountability around spending habits and waste
- Tying cloud spending to the bottom line
Financial Services Firms are moving enterprise workloads to AWS to drive agility and innovation. Being regulated entities, firms need to ensure they have necessary controls in place to attain compliance with the industry regulations.
Find out how Cowen, a leader in diversified financial services, achieved a solution with CTP and AWS. With CTP’s Continuous Compliance for AWS managed service, Cowen has the confidence to move their workloads to AWS and can continuously monitor their applications in AWS against PCI and NIST compliance frameworks
Similar to Leveraging Cloud Transformation to Build a DevOps Culture | AWS Public Sector Summit 2016 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
2. The term “DevOps” typically refers to the emerging
professional movement that advocates a collaborative
working relationship between development and IT
operations, resulting in the fast flow of planned work (i.e.,
high deploy rates), while simultaneously increasing the
reliability, stability, resilience, and security of the production
environment.
—Gene Kim, author of The Phoenix Project
What is DevOps
3. Through Security as Code, we have and will learn that
there is simply a better way for security practitioners, like
us, to operate and contribute value with less friction. We
know we must adapt our ways quickly and foster innovation
to ensure data security and privacy issues are not left
behind because we were too slow to change.
—DevSecOps Manifesto
DevSecOps
4. Why does DevOps matter?
• High-performing IT organizations deploy 30x more
frequently with 200x shorter lead times; they have 60x
fewer failures and recover 168x faster.
• Lean management and continuous delivery practices
create the conditions for delivering value faster,
sustainably.
• High performance is achievable whether your apps are
greenfield, brownfield, or legacy.
(source: puppet labs 2015 State of Devops Report)
https://puppetlabs.com/sites/default/files/2015-state-of-devops-report.pdf
5. How do we transition to DevSecOps culture?
People/Process Technical
Reorganization: cross-discipline team Continuous integration
Reorganization by vTeams Continuous delivery
Documented release process Continuous deployment
Documented testing processes Automated testing
Cross-discipline training Automated monitoring and log analysis
Cross-discipline social events Configuration management
Rotation programs
6. Conway’s Law:
Any organization that designs a system (defined broadly)
will produce a design whose structure is a copy of the
organization's communication structure.
Melvyn Conway, 1967
http://www.melconway.com/Home/Conways_Law.html
Inverse Conway Maneuver:
In what could be termed an “inverse Conway maneuver,”
you may want to begin by breaking down silos that
constrain the team’s ability to collaborate effectively.
Jonny Leroy/Matt Simons, 2010
http://jonnyleroy.com/2011/02/03/dealing-with-creaky-legacy-platforms/
8. DevSecOps maturity model
Commit Accept Capacity Exploratory Production
Commit Accept Capacity Exploratory Production
Commit Accept Capacity Exploratory Production
Commit Accept Capacity Exploratory Production
Commit Accept Capacity Exploratory Production
DevSecOps maturity Deployment pipelines
Level5Level3Level4Level2Level1
Revision Control System
Convergence (Configuration Management) System
Infrastructure Provisioning System
Artifact Management System
Build & Continuous Integration System
Feedback System
9. Strategies for migration from level 1–level 5
• Greenfield: Start full pipeline on pilot projects
• Roll processes/tools to all new projects once verified
• Brownfield: Gradually apply DevSecOps principles
• Large organizations usually implement a combination
• Pilot project/center of excellence
• ”Back port” lessons onto existing code base
11. PROJECT MANAGEMENT
SERVER
1. PICK
TASKS
2. SUBMIT
CODE
3. BUILD
DEVELOPER
4. DEPLOY TO TEST
5. DOCUMENT DEPLOYMENT
OPERATIONS
7. DEPLOY TO PROD
TEST SERVER PRODUCTION SERVER
QA
6. TEST
8. TEST
SOURCE CODE
REPOSITORY
12. SOURCE CODE
REPOSITORY
PROJECT MANAGEMENT
SERVER1. PICK
TASKS
2. SUBMIT
CODE
4. BUILD
DEVELOPER
5. DEPLOY TO TEST
6. DOCUMENT DEPLOYMENT
OPERATIONS
8. DEPLOY TO PROD
CONTINUOUS
INTEGRATION SERVER
3. CHANGE
NOTIFICATION
TEST SERVER PRODUCTION SERVER
QA
7. TEST
9. TEST
13. SOURCE CODE
REPOSITORY
PROJECT MANAGEMENT
SERVER1. PICK
TASKS
2. SUBMIT
CODE
4. BUILD
DEVELOPER
5. DEPLOY TO TEST
TEST SERVER
OPERATIONS
PRODUCTION SERVER
7. DEPLOY TO PROD
QA
6. TEST
8. TEST
CONTINUOUS
INTEGRATION SERVER
3. CHANGE
NOTIFICATION
18. AWS and DevSecOps
Opportunity AWS Services
Marketplace offerings and Competency Partners
AWS
CloudFormation
AWS
CodeDeploy
AWS
OpsWorks
AWS Elastic
Beanstalk
• IT shops fully embracing DevSecOps, can be orders of magnitude more
productive than those that don’t.
• AWS offers an array of powerful services to enable DevSecOps.
• Using AWS CloudFormation to repeatedly and quickly deploy dev/test
environments, and then shut them down immediately when tests
complete, is helping customers:
Save money and time
Increase quality
Increase agility
AWS
CodeCommit
AWS
CodePipeline
19. DevSecOps, self service, and cost management
Automation empowers individuals; however:
Individuals spending OPM can spend too much
AWS services can help:
AWS Identity and Access Management
(IAM) restrictions
Cost Explorer
Detailed billing reports
Budgets
Cost and usage reports
Billing alerts
AWS Partners can provide more analytics and assist in cost control
20. Bridging the gap from DevOps
to finance
J.R. Storment, Chief Customer Officer at Cloudability
jr@cloudability.com
21. What DevSecOps brings to the table
Breaking down silos
Collaboration between cross-disciplinary teams
Move faster in refreshing your infrastructure
Constant adjustment to change
Automated monitoring and alerting
Effect—cost goes up and with a more complex financial
audit trail
26. Finance a part of the process now
DevOps Finance
measurebuy
align learn
delivery pipeline
feedback loop
Cloud efficiency lifecycle
27. What is DevSecOps?
developers customers
releasetestbuild
plan monitor
delivery pipeline
feedback loop
Software development lifecycle
28. The term “FinOps” typically refers to the emerging
professional movement that advocates a collaborative
working relationship between DevOps and Finance,
resulting in an iterative data-driven management of
infrastructure spending (i.e., lowering the unit economics of
cloud), while simultaneously increasing the cost efficiency
and ultimately profitability of the cloud environment.
What is FinOps?
—J.R. Storment, chief customer officer at Cloudability
29. FinOps czar (n) A person or team focused on looking at the
AWS billing data each month to identify opportunities to save
money (e.g., with Reserved Instance coverage)
FinOps/RI czar
Why appoint one?
Proper purchasing of RIs can save 30–60% on your AWS bill
Assuming a $1 M/yr spend, there’s a potential savings of $300
K+ year.
Usually is a technically minded person in finance, procurement,
or vendor management
30. How do you build a FinOps culture?
Put data in the hands of the people
Enact policies and evangelize best practices
Cross-train teams on shared knowledge and reporting tools
32. Tips for cost visibility
Get each stakeholder the spending fundamentals daily
Let each team see other teams’ spending habits
Create broadly available dashboards
35. • Tags are highly flexible, but 100% coverage is difficult due to compliance
• Linked accounts offer clean chargeback but limit reporting options
Consolidation of accounts to achieve volume
discounts driving centralized management of
finance optimization
36. Pro tips: allocating costs
Get consensus on the taxonomy (but let Finance drive)
Define 2–3 mandatory tags like “project” or “environment”
Consider a “tag or terminate” rule to enforce compliance
38. Don’t run the cloud like a data center:
65% of the hours in a month are
nights and weekends
39. Tips for encouraging efficient behavior
1. Automate weekly waste reporting for each team
2. Gamify cleanup by creating a visible leaderboard
3. Do a monthly, company-wide waste review
43. Focus on reducing unit cost, even at total cost grows
0
30
60
90
120
150
Unit cost Total cost
44. Thank you!
Emil Lerch, Senior Cloud Architect at Amazon Web Services,
emilerch@amazon.com
J.R. Storment, Chief Customer Officer at Cloudability
jr@cloudability.com
Editor's Notes
Of course there are many situations where this may not be realistic, but remember that Conway’s Law talks of the “communication structures” of an organization rather than reporting structures. There are often opportunities to improve communication pathways in lightweight ways without having to grapple with thornier organizational issues.
Forrester writes that AWS is the best fit for the DevOps pro segment
Nowadays, there are lots of little decisions made every day by many different people that affect your bill. You may have 150 developers each with the power to provision a server. The good news here is that everyone can get the resources they need in order to move more quickly and you don’t have to buy ahead of demand. The challenge is that the spending power is now decentralized and there’s less control over who can spend money.
The tools for efficiency need to be from the right era.
In an older car you had the ability to record your mileage, then look at how much gas you put in and calculate your miles per gallon then try to improve your driving efficiency . The problem is nobody did it because it took too much time and the gap between actions and results was too wide. So most of us just drove and didn’t think about it.
Now you’ve got dashboards like this one that tell you—as you drive—how the weight of your foot affects your MPG. If you’ve ever driven a Prius, it’s amazing how you automatically start making changes to your driving style. Not just to save money on gas but it becomes a game to see how efficient you can be.
Efficiency becomes a habit over time. Take that power of one person having this power, then multiply it out across everyone in your organization.
That is a culture of cost management.
It’s no longer one person’s responsibility. There are now a lot of players making decisions about what to buy and needing visibility into spending. But they need tools to do this.
secure innovation at speed and scale
secure innovation at speed and scale
They also added a new person. Someone dubbed the RI Czar.
This is a person or team focused on looking at the AWS billing data each month to identify opportunities to increase Reserved Instance coverage. In small companies this is a single person, in larger ones it can be a small team.
This person acts as an unbiased 3rd party liaison between the various stakeholders in the company to ensure the right data is being analyzed, the right conversations are being had and ultimately the right purchases and modifications are being made.
They made this someone’s job. The person was measured on the results and ran the process we just laid.
Is this person full-time? They can be. Usually not, but the numbers actually support dedicating a material amount of an FTE’s time to the process.
- Proper purchasing can save 30-60% of your EC2 !!! Bill.
- Assuming a $1M spend on EC2, that’s a lot of savings…enough to pay for some committing someone’s time to the process
Interestingly, this person generally doesn’t sit in the technology organization. We’ve seen it be a technically minded person in the finance, procurement or vendor management organizations.
Remember Ris are a billing construct (like a coupon) that is applied after the technology decision is made.
So…how do you build the culture.
Put data in the hands of the people (not once a monthly or whenever there’s a problem) but every day.
Enact policies and evangelize best practices (remember that running at scale on cloud is new to most companies and they simply don’t know where to start)
Incentivize good behavior (in fact, the most effective companies gamily and openly share how each group is doing)
The first stage “Cost Visibility” can be summed up as “What gets measured gets improved.
Tips in Stage I:
Get each stakeholder the spending fundamentals daily. Specifically get them visibility into their portion of the bill so that they can become accountably for daily changes.
Let each team see other’s spending habits. This helps create social pressure and incentivizes good behavior.
Create broadly available dashboards. Share them widely and put them up in shared workspaces.
Cloudability offers some powerful ways to deliver cost visibility to everyone. There’s a completely widgetized dashboard system that lets you view your spending in any way you want…look at costs by tag overlaid with usage data, monitor RI utilization compared to instance counts, whatever you like in a system that can be configured to work for execs as well as engineers. This type of visibility is the first step toward creating your culture.
OK let’s talk about the next stage, allocation is all about using the appropriate tools to split out the bill to answer the question of where did the dollars go?
These are your tools.
Here’s a structure we’ve seen work well.
Tags are highly flexible but 100% coverage is difficult due to compliance and the fact that not all charges can be tagged.
Linked accounts offer clean chargeback but limit reporting options.
Most commonly we see eng/ops folks push for tag-based solutions while finance folks tend to prefer account-based divisions due to the clean reporting lines they create.
Solution: Use Both with linked account splitting out most important divisions
—-
Linked accounts to split financial data
Tags to split operational data
Tips for allocating costs:
- Get consensus on the taxonomy. But we’ve found it works best for Finance to drive the conversation.
- Define 2-3 mandatory tags that must be applied before resources are deployed
Tagging on deployment is key, we’ve seen far too many post-deployment tagging automation schemes not work.
- Consider adding a Tag or Terminate rule to enforce tagging.
Efficiency. This Stage is all about turning off waste, resizing and rightsizing instances.
Here’s what’s important to cover in this stage.
Make sure each team is getting weekly reports on their underutilized instances, you can schedule this in Cloudability.
Gamify clean-up by creating a custom leaderboard that everyone can see. Again, check out our new dash boarding features for this.
Do a monthly whole company waste review. Work with your cost management provider, AWS and internal thought leaders to do a monthly review of where you could do better.
Everyone’s favorite stage - Savings through lowering hourly costs.
You reservations and infrastructure function as two sides of the same coin.Your infrastructure is fluid and elastic as such you need to keep modifying and adjusting your reserved instance portfolio to match.
Sunk cost + on-demand
Ok, now we get into the nirvana stage of cloud cost management. Unit Cost.
You should be watching unit cost and it’s affect on margin and managing your business to that number.
If you’re successful, your bill may always go up.
Focusing on unit cost will give you visibility into how that ties into the business—and get your management team off your back.